1 /* 2 * IPv6 BSD socket options interface 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on linux/net/ipv4/ip_sockglue.c 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License 12 * as published by the Free Software Foundation; either version 13 * 2 of the License, or (at your option) any later version. 14 * 15 * FIXME: Make the setsockopt code POSIX compliant: That is 16 * 17 * o Truncate getsockopt returns 18 * o Return an optlen of the truncated length if need be 19 * 20 * Changes: 21 * David L Stevens <dlstevens@us.ibm.com>: 22 * - added multicast source filtering API for MLDv2 23 */ 24 25 #include <linux/module.h> 26 #include <linux/capability.h> 27 #include <linux/errno.h> 28 #include <linux/types.h> 29 #include <linux/socket.h> 30 #include <linux/sockios.h> 31 #include <linux/net.h> 32 #include <linux/in6.h> 33 #include <linux/mroute6.h> 34 #include <linux/netdevice.h> 35 #include <linux/if_arp.h> 36 #include <linux/init.h> 37 #include <linux/sysctl.h> 38 #include <linux/netfilter.h> 39 #include <linux/slab.h> 40 41 #include <net/sock.h> 42 #include <net/snmp.h> 43 #include <net/ipv6.h> 44 #include <net/ndisc.h> 45 #include <net/protocol.h> 46 #include <net/transp_v6.h> 47 #include <net/ip6_route.h> 48 #include <net/addrconf.h> 49 #include <net/inet_common.h> 50 #include <net/tcp.h> 51 #include <net/udp.h> 52 #include <net/udplite.h> 53 #include <net/xfrm.h> 54 #include <net/compat.h> 55 56 #include <asm/uaccess.h> 57 58 struct ip6_ra_chain *ip6_ra_chain; 59 DEFINE_RWLOCK(ip6_ra_lock); 60 61 int ip6_ra_control(struct sock *sk, int sel) 62 { 63 struct ip6_ra_chain *ra, *new_ra, **rap; 64 65 /* RA packet may be delivered ONLY to IPPROTO_RAW socket */ 66 if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW) 67 return -ENOPROTOOPT; 68 69 new_ra = (sel>=0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; 70 71 write_lock_bh(&ip6_ra_lock); 72 for (rap = &ip6_ra_chain; (ra=*rap) != NULL; rap = &ra->next) { 73 if (ra->sk == sk) { 74 if (sel>=0) { 75 write_unlock_bh(&ip6_ra_lock); 76 kfree(new_ra); 77 return -EADDRINUSE; 78 } 79 80 *rap = ra->next; 81 write_unlock_bh(&ip6_ra_lock); 82 83 sock_put(sk); 84 kfree(ra); 85 return 0; 86 } 87 } 88 if (new_ra == NULL) { 89 write_unlock_bh(&ip6_ra_lock); 90 return -ENOBUFS; 91 } 92 new_ra->sk = sk; 93 new_ra->sel = sel; 94 new_ra->next = ra; 95 *rap = new_ra; 96 sock_hold(sk); 97 write_unlock_bh(&ip6_ra_lock); 98 return 0; 99 } 100 101 static 102 struct ipv6_txoptions *ipv6_update_options(struct sock *sk, 103 struct ipv6_txoptions *opt) 104 { 105 if (inet_sk(sk)->is_icsk) { 106 if (opt && 107 !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) && 108 inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) { 109 struct inet_connection_sock *icsk = inet_csk(sk); 110 icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen; 111 icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie); 112 } 113 opt = xchg(&inet6_sk(sk)->opt, opt); 114 } else { 115 spin_lock(&sk->sk_dst_lock); 116 opt = xchg(&inet6_sk(sk)->opt, opt); 117 spin_unlock(&sk->sk_dst_lock); 118 } 119 sk_dst_reset(sk); 120 121 return opt; 122 } 123 124 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, 125 char __user *optval, unsigned int optlen) 126 { 127 struct ipv6_pinfo *np = inet6_sk(sk); 128 struct net *net = sock_net(sk); 129 int val, valbool; 130 int retv = -ENOPROTOOPT; 131 132 if (optval == NULL) 133 val=0; 134 else { 135 if (optlen >= sizeof(int)) { 136 if (get_user(val, (int __user *) optval)) 137 return -EFAULT; 138 } else 139 val = 0; 140 } 141 142 valbool = (val!=0); 143 144 if (ip6_mroute_opt(optname)) 145 return ip6_mroute_setsockopt(sk, optname, optval, optlen); 146 147 lock_sock(sk); 148 149 switch (optname) { 150 151 case IPV6_ADDRFORM: 152 if (optlen < sizeof(int)) 153 goto e_inval; 154 if (val == PF_INET) { 155 struct ipv6_txoptions *opt; 156 struct sk_buff *pktopt; 157 158 if (sk->sk_type == SOCK_RAW) 159 break; 160 161 if (sk->sk_protocol == IPPROTO_UDP || 162 sk->sk_protocol == IPPROTO_UDPLITE) { 163 struct udp_sock *up = udp_sk(sk); 164 if (up->pending == AF_INET6) { 165 retv = -EBUSY; 166 break; 167 } 168 } else if (sk->sk_protocol != IPPROTO_TCP) 169 break; 170 171 if (sk->sk_state != TCP_ESTABLISHED) { 172 retv = -ENOTCONN; 173 break; 174 } 175 176 if (ipv6_only_sock(sk) || 177 !ipv6_addr_v4mapped(&np->daddr)) { 178 retv = -EADDRNOTAVAIL; 179 break; 180 } 181 182 fl6_free_socklist(sk); 183 ipv6_sock_mc_close(sk); 184 185 /* 186 * Sock is moving from IPv6 to IPv4 (sk_prot), so 187 * remove it from the refcnt debug socks count in the 188 * original family... 189 */ 190 sk_refcnt_debug_dec(sk); 191 192 if (sk->sk_protocol == IPPROTO_TCP) { 193 struct inet_connection_sock *icsk = inet_csk(sk); 194 local_bh_disable(); 195 sock_prot_inuse_add(net, sk->sk_prot, -1); 196 sock_prot_inuse_add(net, &tcp_prot, 1); 197 local_bh_enable(); 198 sk->sk_prot = &tcp_prot; 199 icsk->icsk_af_ops = &ipv4_specific; 200 sk->sk_socket->ops = &inet_stream_ops; 201 sk->sk_family = PF_INET; 202 tcp_sync_mss(sk, icsk->icsk_pmtu_cookie); 203 } else { 204 struct proto *prot = &udp_prot; 205 206 if (sk->sk_protocol == IPPROTO_UDPLITE) 207 prot = &udplite_prot; 208 local_bh_disable(); 209 sock_prot_inuse_add(net, sk->sk_prot, -1); 210 sock_prot_inuse_add(net, prot, 1); 211 local_bh_enable(); 212 sk->sk_prot = prot; 213 sk->sk_socket->ops = &inet_dgram_ops; 214 sk->sk_family = PF_INET; 215 } 216 opt = xchg(&np->opt, NULL); 217 if (opt) 218 sock_kfree_s(sk, opt, opt->tot_len); 219 pktopt = xchg(&np->pktoptions, NULL); 220 kfree_skb(pktopt); 221 222 sk->sk_destruct = inet_sock_destruct; 223 /* 224 * ... and add it to the refcnt debug socks count 225 * in the new family. -acme 226 */ 227 sk_refcnt_debug_inc(sk); 228 module_put(THIS_MODULE); 229 retv = 0; 230 break; 231 } 232 goto e_inval; 233 234 case IPV6_V6ONLY: 235 if (optlen < sizeof(int) || 236 inet_sk(sk)->inet_num) 237 goto e_inval; 238 np->ipv6only = valbool; 239 retv = 0; 240 break; 241 242 case IPV6_RECVPKTINFO: 243 if (optlen < sizeof(int)) 244 goto e_inval; 245 np->rxopt.bits.rxinfo = valbool; 246 retv = 0; 247 break; 248 249 case IPV6_2292PKTINFO: 250 if (optlen < sizeof(int)) 251 goto e_inval; 252 np->rxopt.bits.rxoinfo = valbool; 253 retv = 0; 254 break; 255 256 case IPV6_RECVHOPLIMIT: 257 if (optlen < sizeof(int)) 258 goto e_inval; 259 np->rxopt.bits.rxhlim = valbool; 260 retv = 0; 261 break; 262 263 case IPV6_2292HOPLIMIT: 264 if (optlen < sizeof(int)) 265 goto e_inval; 266 np->rxopt.bits.rxohlim = valbool; 267 retv = 0; 268 break; 269 270 case IPV6_RECVRTHDR: 271 if (optlen < sizeof(int)) 272 goto e_inval; 273 np->rxopt.bits.srcrt = valbool; 274 retv = 0; 275 break; 276 277 case IPV6_2292RTHDR: 278 if (optlen < sizeof(int)) 279 goto e_inval; 280 np->rxopt.bits.osrcrt = valbool; 281 retv = 0; 282 break; 283 284 case IPV6_RECVHOPOPTS: 285 if (optlen < sizeof(int)) 286 goto e_inval; 287 np->rxopt.bits.hopopts = valbool; 288 retv = 0; 289 break; 290 291 case IPV6_2292HOPOPTS: 292 if (optlen < sizeof(int)) 293 goto e_inval; 294 np->rxopt.bits.ohopopts = valbool; 295 retv = 0; 296 break; 297 298 case IPV6_RECVDSTOPTS: 299 if (optlen < sizeof(int)) 300 goto e_inval; 301 np->rxopt.bits.dstopts = valbool; 302 retv = 0; 303 break; 304 305 case IPV6_2292DSTOPTS: 306 if (optlen < sizeof(int)) 307 goto e_inval; 308 np->rxopt.bits.odstopts = valbool; 309 retv = 0; 310 break; 311 312 case IPV6_TCLASS: 313 if (optlen < sizeof(int)) 314 goto e_inval; 315 if (val < -1 || val > 0xff) 316 goto e_inval; 317 /* RFC 3542, 6.5: default traffic class of 0x0 */ 318 if (val == -1) 319 val = 0; 320 np->tclass = val; 321 retv = 0; 322 break; 323 324 case IPV6_RECVTCLASS: 325 if (optlen < sizeof(int)) 326 goto e_inval; 327 np->rxopt.bits.rxtclass = valbool; 328 retv = 0; 329 break; 330 331 case IPV6_FLOWINFO: 332 if (optlen < sizeof(int)) 333 goto e_inval; 334 np->rxopt.bits.rxflow = valbool; 335 retv = 0; 336 break; 337 338 case IPV6_RECVPATHMTU: 339 if (optlen < sizeof(int)) 340 goto e_inval; 341 np->rxopt.bits.rxpmtu = valbool; 342 retv = 0; 343 break; 344 345 case IPV6_TRANSPARENT: 346 if (valbool && !capable(CAP_NET_ADMIN) && !capable(CAP_NET_RAW)) { 347 retv = -EPERM; 348 break; 349 } 350 if (optlen < sizeof(int)) 351 goto e_inval; 352 /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */ 353 inet_sk(sk)->transparent = valbool; 354 retv = 0; 355 break; 356 357 case IPV6_RECVORIGDSTADDR: 358 if (optlen < sizeof(int)) 359 goto e_inval; 360 np->rxopt.bits.rxorigdstaddr = valbool; 361 retv = 0; 362 break; 363 364 case IPV6_HOPOPTS: 365 case IPV6_RTHDRDSTOPTS: 366 case IPV6_RTHDR: 367 case IPV6_DSTOPTS: 368 { 369 struct ipv6_txoptions *opt; 370 371 /* remove any sticky options header with a zero option 372 * length, per RFC3542. 373 */ 374 if (optlen == 0) 375 optval = NULL; 376 else if (optval == NULL) 377 goto e_inval; 378 else if (optlen < sizeof(struct ipv6_opt_hdr) || 379 optlen & 0x7 || optlen > 8 * 255) 380 goto e_inval; 381 382 /* hop-by-hop / destination options are privileged option */ 383 retv = -EPERM; 384 if (optname != IPV6_RTHDR && !capable(CAP_NET_RAW)) 385 break; 386 387 opt = ipv6_renew_options(sk, np->opt, optname, 388 (struct ipv6_opt_hdr __user *)optval, 389 optlen); 390 if (IS_ERR(opt)) { 391 retv = PTR_ERR(opt); 392 break; 393 } 394 395 /* routing header option needs extra check */ 396 retv = -EINVAL; 397 if (optname == IPV6_RTHDR && opt && opt->srcrt) { 398 struct ipv6_rt_hdr *rthdr = opt->srcrt; 399 switch (rthdr->type) { 400 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE) 401 case IPV6_SRCRT_TYPE_2: 402 if (rthdr->hdrlen != 2 || 403 rthdr->segments_left != 1) 404 goto sticky_done; 405 406 break; 407 #endif 408 default: 409 goto sticky_done; 410 } 411 } 412 413 retv = 0; 414 opt = ipv6_update_options(sk, opt); 415 sticky_done: 416 if (opt) 417 sock_kfree_s(sk, opt, opt->tot_len); 418 break; 419 } 420 421 case IPV6_PKTINFO: 422 { 423 struct in6_pktinfo pkt; 424 425 if (optlen == 0) 426 goto e_inval; 427 else if (optlen < sizeof(struct in6_pktinfo) || optval == NULL) 428 goto e_inval; 429 430 if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) { 431 retv = -EFAULT; 432 break; 433 } 434 if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if) 435 goto e_inval; 436 437 np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex; 438 np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr; 439 retv = 0; 440 break; 441 } 442 443 case IPV6_2292PKTOPTIONS: 444 { 445 struct ipv6_txoptions *opt = NULL; 446 struct msghdr msg; 447 struct flowi6 fl6; 448 int junk; 449 450 memset(&fl6, 0, sizeof(fl6)); 451 fl6.flowi6_oif = sk->sk_bound_dev_if; 452 fl6.flowi6_mark = sk->sk_mark; 453 454 if (optlen == 0) 455 goto update; 456 457 /* 1K is probably excessive 458 * 1K is surely not enough, 2K per standard header is 16K. 459 */ 460 retv = -EINVAL; 461 if (optlen > 64*1024) 462 break; 463 464 opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL); 465 retv = -ENOBUFS; 466 if (opt == NULL) 467 break; 468 469 memset(opt, 0, sizeof(*opt)); 470 opt->tot_len = sizeof(*opt) + optlen; 471 retv = -EFAULT; 472 if (copy_from_user(opt+1, optval, optlen)) 473 goto done; 474 475 msg.msg_controllen = optlen; 476 msg.msg_control = (void*)(opt+1); 477 478 retv = datagram_send_ctl(net, sk, &msg, &fl6, opt, &junk, &junk, 479 &junk); 480 if (retv) 481 goto done; 482 update: 483 retv = 0; 484 opt = ipv6_update_options(sk, opt); 485 done: 486 if (opt) 487 sock_kfree_s(sk, opt, opt->tot_len); 488 break; 489 } 490 case IPV6_UNICAST_HOPS: 491 if (optlen < sizeof(int)) 492 goto e_inval; 493 if (val > 255 || val < -1) 494 goto e_inval; 495 np->hop_limit = val; 496 retv = 0; 497 break; 498 499 case IPV6_MULTICAST_HOPS: 500 if (sk->sk_type == SOCK_STREAM) 501 break; 502 if (optlen < sizeof(int)) 503 goto e_inval; 504 if (val > 255 || val < -1) 505 goto e_inval; 506 np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val); 507 retv = 0; 508 break; 509 510 case IPV6_MULTICAST_LOOP: 511 if (optlen < sizeof(int)) 512 goto e_inval; 513 if (val != valbool) 514 goto e_inval; 515 np->mc_loop = valbool; 516 retv = 0; 517 break; 518 519 case IPV6_UNICAST_IF: 520 { 521 struct net_device *dev = NULL; 522 int ifindex; 523 524 if (optlen != sizeof(int)) 525 goto e_inval; 526 527 ifindex = (__force int)ntohl((__force __be32)val); 528 if (ifindex == 0) { 529 np->ucast_oif = 0; 530 retv = 0; 531 break; 532 } 533 534 dev = dev_get_by_index(net, ifindex); 535 retv = -EADDRNOTAVAIL; 536 if (!dev) 537 break; 538 dev_put(dev); 539 540 retv = -EINVAL; 541 if (sk->sk_bound_dev_if) 542 break; 543 544 np->ucast_oif = ifindex; 545 retv = 0; 546 break; 547 } 548 549 case IPV6_MULTICAST_IF: 550 if (sk->sk_type == SOCK_STREAM) 551 break; 552 if (optlen < sizeof(int)) 553 goto e_inval; 554 555 if (val) { 556 struct net_device *dev; 557 558 if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != val) 559 goto e_inval; 560 561 dev = dev_get_by_index(net, val); 562 if (!dev) { 563 retv = -ENODEV; 564 break; 565 } 566 dev_put(dev); 567 } 568 np->mcast_oif = val; 569 retv = 0; 570 break; 571 case IPV6_ADD_MEMBERSHIP: 572 case IPV6_DROP_MEMBERSHIP: 573 { 574 struct ipv6_mreq mreq; 575 576 if (optlen < sizeof(struct ipv6_mreq)) 577 goto e_inval; 578 579 retv = -EPROTO; 580 if (inet_sk(sk)->is_icsk) 581 break; 582 583 retv = -EFAULT; 584 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 585 break; 586 587 if (optname == IPV6_ADD_MEMBERSHIP) 588 retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 589 else 590 retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr); 591 break; 592 } 593 case IPV6_JOIN_ANYCAST: 594 case IPV6_LEAVE_ANYCAST: 595 { 596 struct ipv6_mreq mreq; 597 598 if (optlen < sizeof(struct ipv6_mreq)) 599 goto e_inval; 600 601 retv = -EFAULT; 602 if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq))) 603 break; 604 605 if (optname == IPV6_JOIN_ANYCAST) 606 retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 607 else 608 retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr); 609 break; 610 } 611 case MCAST_JOIN_GROUP: 612 case MCAST_LEAVE_GROUP: 613 { 614 struct group_req greq; 615 struct sockaddr_in6 *psin6; 616 617 if (optlen < sizeof(struct group_req)) 618 goto e_inval; 619 620 retv = -EFAULT; 621 if (copy_from_user(&greq, optval, sizeof(struct group_req))) 622 break; 623 if (greq.gr_group.ss_family != AF_INET6) { 624 retv = -EADDRNOTAVAIL; 625 break; 626 } 627 psin6 = (struct sockaddr_in6 *)&greq.gr_group; 628 if (optname == MCAST_JOIN_GROUP) 629 retv = ipv6_sock_mc_join(sk, greq.gr_interface, 630 &psin6->sin6_addr); 631 else 632 retv = ipv6_sock_mc_drop(sk, greq.gr_interface, 633 &psin6->sin6_addr); 634 break; 635 } 636 case MCAST_JOIN_SOURCE_GROUP: 637 case MCAST_LEAVE_SOURCE_GROUP: 638 case MCAST_BLOCK_SOURCE: 639 case MCAST_UNBLOCK_SOURCE: 640 { 641 struct group_source_req greqs; 642 int omode, add; 643 644 if (optlen < sizeof(struct group_source_req)) 645 goto e_inval; 646 if (copy_from_user(&greqs, optval, sizeof(greqs))) { 647 retv = -EFAULT; 648 break; 649 } 650 if (greqs.gsr_group.ss_family != AF_INET6 || 651 greqs.gsr_source.ss_family != AF_INET6) { 652 retv = -EADDRNOTAVAIL; 653 break; 654 } 655 if (optname == MCAST_BLOCK_SOURCE) { 656 omode = MCAST_EXCLUDE; 657 add = 1; 658 } else if (optname == MCAST_UNBLOCK_SOURCE) { 659 omode = MCAST_EXCLUDE; 660 add = 0; 661 } else if (optname == MCAST_JOIN_SOURCE_GROUP) { 662 struct sockaddr_in6 *psin6; 663 664 psin6 = (struct sockaddr_in6 *)&greqs.gsr_group; 665 retv = ipv6_sock_mc_join(sk, greqs.gsr_interface, 666 &psin6->sin6_addr); 667 /* prior join w/ different source is ok */ 668 if (retv && retv != -EADDRINUSE) 669 break; 670 omode = MCAST_INCLUDE; 671 add = 1; 672 } else /* MCAST_LEAVE_SOURCE_GROUP */ { 673 omode = MCAST_INCLUDE; 674 add = 0; 675 } 676 retv = ip6_mc_source(add, omode, sk, &greqs); 677 break; 678 } 679 case MCAST_MSFILTER: 680 { 681 struct group_filter *gsf; 682 683 if (optlen < GROUP_FILTER_SIZE(0)) 684 goto e_inval; 685 if (optlen > sysctl_optmem_max) { 686 retv = -ENOBUFS; 687 break; 688 } 689 gsf = kmalloc(optlen,GFP_KERNEL); 690 if (!gsf) { 691 retv = -ENOBUFS; 692 break; 693 } 694 retv = -EFAULT; 695 if (copy_from_user(gsf, optval, optlen)) { 696 kfree(gsf); 697 break; 698 } 699 /* numsrc >= (4G-140)/128 overflow in 32 bits */ 700 if (gsf->gf_numsrc >= 0x1ffffffU || 701 gsf->gf_numsrc > sysctl_mld_max_msf) { 702 kfree(gsf); 703 retv = -ENOBUFS; 704 break; 705 } 706 if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) { 707 kfree(gsf); 708 retv = -EINVAL; 709 break; 710 } 711 retv = ip6_mc_msfilter(sk, gsf); 712 kfree(gsf); 713 714 break; 715 } 716 case IPV6_ROUTER_ALERT: 717 if (optlen < sizeof(int)) 718 goto e_inval; 719 retv = ip6_ra_control(sk, val); 720 break; 721 case IPV6_MTU_DISCOVER: 722 if (optlen < sizeof(int)) 723 goto e_inval; 724 if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_PROBE) 725 goto e_inval; 726 np->pmtudisc = val; 727 retv = 0; 728 break; 729 case IPV6_MTU: 730 if (optlen < sizeof(int)) 731 goto e_inval; 732 if (val && val < IPV6_MIN_MTU) 733 goto e_inval; 734 np->frag_size = val; 735 retv = 0; 736 break; 737 case IPV6_RECVERR: 738 if (optlen < sizeof(int)) 739 goto e_inval; 740 np->recverr = valbool; 741 if (!val) 742 skb_queue_purge(&sk->sk_error_queue); 743 retv = 0; 744 break; 745 case IPV6_FLOWINFO_SEND: 746 if (optlen < sizeof(int)) 747 goto e_inval; 748 np->sndflow = valbool; 749 retv = 0; 750 break; 751 case IPV6_FLOWLABEL_MGR: 752 retv = ipv6_flowlabel_opt(sk, optval, optlen); 753 break; 754 case IPV6_IPSEC_POLICY: 755 case IPV6_XFRM_POLICY: 756 retv = -EPERM; 757 if (!capable(CAP_NET_ADMIN)) 758 break; 759 retv = xfrm_user_policy(sk, optname, optval, optlen); 760 break; 761 762 case IPV6_ADDR_PREFERENCES: 763 { 764 unsigned int pref = 0; 765 unsigned int prefmask = ~0; 766 767 if (optlen < sizeof(int)) 768 goto e_inval; 769 770 retv = -EINVAL; 771 772 /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */ 773 switch (val & (IPV6_PREFER_SRC_PUBLIC| 774 IPV6_PREFER_SRC_TMP| 775 IPV6_PREFER_SRC_PUBTMP_DEFAULT)) { 776 case IPV6_PREFER_SRC_PUBLIC: 777 pref |= IPV6_PREFER_SRC_PUBLIC; 778 break; 779 case IPV6_PREFER_SRC_TMP: 780 pref |= IPV6_PREFER_SRC_TMP; 781 break; 782 case IPV6_PREFER_SRC_PUBTMP_DEFAULT: 783 break; 784 case 0: 785 goto pref_skip_pubtmp; 786 default: 787 goto e_inval; 788 } 789 790 prefmask &= ~(IPV6_PREFER_SRC_PUBLIC| 791 IPV6_PREFER_SRC_TMP); 792 pref_skip_pubtmp: 793 794 /* check HOME/COA conflicts */ 795 switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) { 796 case IPV6_PREFER_SRC_HOME: 797 break; 798 case IPV6_PREFER_SRC_COA: 799 pref |= IPV6_PREFER_SRC_COA; 800 case 0: 801 goto pref_skip_coa; 802 default: 803 goto e_inval; 804 } 805 806 prefmask &= ~IPV6_PREFER_SRC_COA; 807 pref_skip_coa: 808 809 /* check CGA/NONCGA conflicts */ 810 switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) { 811 case IPV6_PREFER_SRC_CGA: 812 case IPV6_PREFER_SRC_NONCGA: 813 case 0: 814 break; 815 default: 816 goto e_inval; 817 } 818 819 np->srcprefs = (np->srcprefs & prefmask) | pref; 820 retv = 0; 821 822 break; 823 } 824 case IPV6_MINHOPCOUNT: 825 if (optlen < sizeof(int)) 826 goto e_inval; 827 if (val < 0 || val > 255) 828 goto e_inval; 829 np->min_hopcount = val; 830 break; 831 case IPV6_DONTFRAG: 832 np->dontfrag = valbool; 833 retv = 0; 834 break; 835 } 836 837 release_sock(sk); 838 839 return retv; 840 841 e_inval: 842 release_sock(sk); 843 return -EINVAL; 844 } 845 846 int ipv6_setsockopt(struct sock *sk, int level, int optname, 847 char __user *optval, unsigned int optlen) 848 { 849 int err; 850 851 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 852 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 853 854 if (level != SOL_IPV6) 855 return -ENOPROTOOPT; 856 857 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 858 #ifdef CONFIG_NETFILTER 859 /* we need to exclude all possible ENOPROTOOPTs except default case */ 860 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 861 optname != IPV6_XFRM_POLICY) { 862 lock_sock(sk); 863 err = nf_setsockopt(sk, PF_INET6, optname, optval, 864 optlen); 865 release_sock(sk); 866 } 867 #endif 868 return err; 869 } 870 871 EXPORT_SYMBOL(ipv6_setsockopt); 872 873 #ifdef CONFIG_COMPAT 874 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname, 875 char __user *optval, unsigned int optlen) 876 { 877 int err; 878 879 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 880 if (udp_prot.compat_setsockopt != NULL) 881 return udp_prot.compat_setsockopt(sk, level, optname, 882 optval, optlen); 883 return udp_prot.setsockopt(sk, level, optname, optval, optlen); 884 } 885 886 if (level != SOL_IPV6) 887 return -ENOPROTOOPT; 888 889 if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) 890 return compat_mc_setsockopt(sk, level, optname, optval, optlen, 891 ipv6_setsockopt); 892 893 err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); 894 #ifdef CONFIG_NETFILTER 895 /* we need to exclude all possible ENOPROTOOPTs except default case */ 896 if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY && 897 optname != IPV6_XFRM_POLICY) { 898 lock_sock(sk); 899 err = compat_nf_setsockopt(sk, PF_INET6, optname, 900 optval, optlen); 901 release_sock(sk); 902 } 903 #endif 904 return err; 905 } 906 907 EXPORT_SYMBOL(compat_ipv6_setsockopt); 908 #endif 909 910 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt, 911 int optname, char __user *optval, int len) 912 { 913 struct ipv6_opt_hdr *hdr; 914 915 if (!opt) 916 return 0; 917 918 switch(optname) { 919 case IPV6_HOPOPTS: 920 hdr = opt->hopopt; 921 break; 922 case IPV6_RTHDRDSTOPTS: 923 hdr = opt->dst0opt; 924 break; 925 case IPV6_RTHDR: 926 hdr = (struct ipv6_opt_hdr *)opt->srcrt; 927 break; 928 case IPV6_DSTOPTS: 929 hdr = opt->dst1opt; 930 break; 931 default: 932 return -EINVAL; /* should not happen */ 933 } 934 935 if (!hdr) 936 return 0; 937 938 len = min_t(unsigned int, len, ipv6_optlen(hdr)); 939 if (copy_to_user(optval, hdr, len)) 940 return -EFAULT; 941 return len; 942 } 943 944 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, 945 char __user *optval, int __user *optlen, unsigned int flags) 946 { 947 struct ipv6_pinfo *np = inet6_sk(sk); 948 int len; 949 int val; 950 951 if (ip6_mroute_opt(optname)) 952 return ip6_mroute_getsockopt(sk, optname, optval, optlen); 953 954 if (get_user(len, optlen)) 955 return -EFAULT; 956 switch (optname) { 957 case IPV6_ADDRFORM: 958 if (sk->sk_protocol != IPPROTO_UDP && 959 sk->sk_protocol != IPPROTO_UDPLITE && 960 sk->sk_protocol != IPPROTO_TCP) 961 return -ENOPROTOOPT; 962 if (sk->sk_state != TCP_ESTABLISHED) 963 return -ENOTCONN; 964 val = sk->sk_family; 965 break; 966 case MCAST_MSFILTER: 967 { 968 struct group_filter gsf; 969 int err; 970 971 if (len < GROUP_FILTER_SIZE(0)) 972 return -EINVAL; 973 if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) 974 return -EFAULT; 975 if (gsf.gf_group.ss_family != AF_INET6) 976 return -EADDRNOTAVAIL; 977 lock_sock(sk); 978 err = ip6_mc_msfget(sk, &gsf, 979 (struct group_filter __user *)optval, optlen); 980 release_sock(sk); 981 return err; 982 } 983 984 case IPV6_2292PKTOPTIONS: 985 { 986 struct msghdr msg; 987 struct sk_buff *skb; 988 989 if (sk->sk_type != SOCK_STREAM) 990 return -ENOPROTOOPT; 991 992 msg.msg_control = optval; 993 msg.msg_controllen = len; 994 msg.msg_flags = flags; 995 996 lock_sock(sk); 997 skb = np->pktoptions; 998 if (skb) 999 atomic_inc(&skb->users); 1000 release_sock(sk); 1001 1002 if (skb) { 1003 int err = datagram_recv_ctl(sk, &msg, skb); 1004 kfree_skb(skb); 1005 if (err) 1006 return err; 1007 } else { 1008 if (np->rxopt.bits.rxinfo) { 1009 struct in6_pktinfo src_info; 1010 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1011 np->sticky_pktinfo.ipi6_ifindex; 1012 src_info.ipi6_addr = np->mcast_oif ? np->daddr : np->sticky_pktinfo.ipi6_addr; 1013 put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info); 1014 } 1015 if (np->rxopt.bits.rxhlim) { 1016 int hlim = np->mcast_hops; 1017 put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim); 1018 } 1019 if (np->rxopt.bits.rxtclass) { 1020 int tclass = np->rcv_tclass; 1021 put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass); 1022 } 1023 if (np->rxopt.bits.rxoinfo) { 1024 struct in6_pktinfo src_info; 1025 src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif : 1026 np->sticky_pktinfo.ipi6_ifindex; 1027 src_info.ipi6_addr = np->mcast_oif ? np->daddr : np->sticky_pktinfo.ipi6_addr; 1028 put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info); 1029 } 1030 if (np->rxopt.bits.rxohlim) { 1031 int hlim = np->mcast_hops; 1032 put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim); 1033 } 1034 } 1035 len -= msg.msg_controllen; 1036 return put_user(len, optlen); 1037 } 1038 case IPV6_MTU: 1039 { 1040 struct dst_entry *dst; 1041 1042 val = 0; 1043 rcu_read_lock(); 1044 dst = __sk_dst_get(sk); 1045 if (dst) 1046 val = dst_mtu(dst); 1047 rcu_read_unlock(); 1048 if (!val) 1049 return -ENOTCONN; 1050 break; 1051 } 1052 1053 case IPV6_V6ONLY: 1054 val = np->ipv6only; 1055 break; 1056 1057 case IPV6_RECVPKTINFO: 1058 val = np->rxopt.bits.rxinfo; 1059 break; 1060 1061 case IPV6_2292PKTINFO: 1062 val = np->rxopt.bits.rxoinfo; 1063 break; 1064 1065 case IPV6_RECVHOPLIMIT: 1066 val = np->rxopt.bits.rxhlim; 1067 break; 1068 1069 case IPV6_2292HOPLIMIT: 1070 val = np->rxopt.bits.rxohlim; 1071 break; 1072 1073 case IPV6_RECVRTHDR: 1074 val = np->rxopt.bits.srcrt; 1075 break; 1076 1077 case IPV6_2292RTHDR: 1078 val = np->rxopt.bits.osrcrt; 1079 break; 1080 1081 case IPV6_HOPOPTS: 1082 case IPV6_RTHDRDSTOPTS: 1083 case IPV6_RTHDR: 1084 case IPV6_DSTOPTS: 1085 { 1086 1087 lock_sock(sk); 1088 len = ipv6_getsockopt_sticky(sk, np->opt, 1089 optname, optval, len); 1090 release_sock(sk); 1091 /* check if ipv6_getsockopt_sticky() returns err code */ 1092 if (len < 0) 1093 return len; 1094 return put_user(len, optlen); 1095 } 1096 1097 case IPV6_RECVHOPOPTS: 1098 val = np->rxopt.bits.hopopts; 1099 break; 1100 1101 case IPV6_2292HOPOPTS: 1102 val = np->rxopt.bits.ohopopts; 1103 break; 1104 1105 case IPV6_RECVDSTOPTS: 1106 val = np->rxopt.bits.dstopts; 1107 break; 1108 1109 case IPV6_2292DSTOPTS: 1110 val = np->rxopt.bits.odstopts; 1111 break; 1112 1113 case IPV6_TCLASS: 1114 val = np->tclass; 1115 break; 1116 1117 case IPV6_RECVTCLASS: 1118 val = np->rxopt.bits.rxtclass; 1119 break; 1120 1121 case IPV6_FLOWINFO: 1122 val = np->rxopt.bits.rxflow; 1123 break; 1124 1125 case IPV6_RECVPATHMTU: 1126 val = np->rxopt.bits.rxpmtu; 1127 break; 1128 1129 case IPV6_PATHMTU: 1130 { 1131 struct dst_entry *dst; 1132 struct ip6_mtuinfo mtuinfo; 1133 1134 if (len < sizeof(mtuinfo)) 1135 return -EINVAL; 1136 1137 len = sizeof(mtuinfo); 1138 memset(&mtuinfo, 0, sizeof(mtuinfo)); 1139 1140 rcu_read_lock(); 1141 dst = __sk_dst_get(sk); 1142 if (dst) 1143 mtuinfo.ip6m_mtu = dst_mtu(dst); 1144 rcu_read_unlock(); 1145 if (!mtuinfo.ip6m_mtu) 1146 return -ENOTCONN; 1147 1148 if (put_user(len, optlen)) 1149 return -EFAULT; 1150 if (copy_to_user(optval, &mtuinfo, len)) 1151 return -EFAULT; 1152 1153 return 0; 1154 break; 1155 } 1156 1157 case IPV6_TRANSPARENT: 1158 val = inet_sk(sk)->transparent; 1159 break; 1160 1161 case IPV6_RECVORIGDSTADDR: 1162 val = np->rxopt.bits.rxorigdstaddr; 1163 break; 1164 1165 case IPV6_UNICAST_HOPS: 1166 case IPV6_MULTICAST_HOPS: 1167 { 1168 struct dst_entry *dst; 1169 1170 if (optname == IPV6_UNICAST_HOPS) 1171 val = np->hop_limit; 1172 else 1173 val = np->mcast_hops; 1174 1175 if (val < 0) { 1176 rcu_read_lock(); 1177 dst = __sk_dst_get(sk); 1178 if (dst) 1179 val = ip6_dst_hoplimit(dst); 1180 rcu_read_unlock(); 1181 } 1182 1183 if (val < 0) 1184 val = sock_net(sk)->ipv6.devconf_all->hop_limit; 1185 break; 1186 } 1187 1188 case IPV6_MULTICAST_LOOP: 1189 val = np->mc_loop; 1190 break; 1191 1192 case IPV6_MULTICAST_IF: 1193 val = np->mcast_oif; 1194 break; 1195 1196 case IPV6_UNICAST_IF: 1197 val = (__force int)htonl((__u32) np->ucast_oif); 1198 break; 1199 1200 case IPV6_MTU_DISCOVER: 1201 val = np->pmtudisc; 1202 break; 1203 1204 case IPV6_RECVERR: 1205 val = np->recverr; 1206 break; 1207 1208 case IPV6_FLOWINFO_SEND: 1209 val = np->sndflow; 1210 break; 1211 1212 case IPV6_ADDR_PREFERENCES: 1213 val = 0; 1214 1215 if (np->srcprefs & IPV6_PREFER_SRC_TMP) 1216 val |= IPV6_PREFER_SRC_TMP; 1217 else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC) 1218 val |= IPV6_PREFER_SRC_PUBLIC; 1219 else { 1220 /* XXX: should we return system default? */ 1221 val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT; 1222 } 1223 1224 if (np->srcprefs & IPV6_PREFER_SRC_COA) 1225 val |= IPV6_PREFER_SRC_COA; 1226 else 1227 val |= IPV6_PREFER_SRC_HOME; 1228 break; 1229 1230 case IPV6_MINHOPCOUNT: 1231 val = np->min_hopcount; 1232 break; 1233 1234 case IPV6_DONTFRAG: 1235 val = np->dontfrag; 1236 break; 1237 1238 default: 1239 return -ENOPROTOOPT; 1240 } 1241 len = min_t(unsigned int, sizeof(int), len); 1242 if(put_user(len, optlen)) 1243 return -EFAULT; 1244 if(copy_to_user(optval,&val,len)) 1245 return -EFAULT; 1246 return 0; 1247 } 1248 1249 int ipv6_getsockopt(struct sock *sk, int level, int optname, 1250 char __user *optval, int __user *optlen) 1251 { 1252 int err; 1253 1254 if (level == SOL_IP && sk->sk_type != SOCK_RAW) 1255 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1256 1257 if(level != SOL_IPV6) 1258 return -ENOPROTOOPT; 1259 1260 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0); 1261 #ifdef CONFIG_NETFILTER 1262 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1263 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1264 int len; 1265 1266 if (get_user(len, optlen)) 1267 return -EFAULT; 1268 1269 lock_sock(sk); 1270 err = nf_getsockopt(sk, PF_INET6, optname, optval, 1271 &len); 1272 release_sock(sk); 1273 if (err >= 0) 1274 err = put_user(len, optlen); 1275 } 1276 #endif 1277 return err; 1278 } 1279 1280 EXPORT_SYMBOL(ipv6_getsockopt); 1281 1282 #ifdef CONFIG_COMPAT 1283 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, 1284 char __user *optval, int __user *optlen) 1285 { 1286 int err; 1287 1288 if (level == SOL_IP && sk->sk_type != SOCK_RAW) { 1289 if (udp_prot.compat_getsockopt != NULL) 1290 return udp_prot.compat_getsockopt(sk, level, optname, 1291 optval, optlen); 1292 return udp_prot.getsockopt(sk, level, optname, optval, optlen); 1293 } 1294 1295 if (level != SOL_IPV6) 1296 return -ENOPROTOOPT; 1297 1298 if (optname == MCAST_MSFILTER) 1299 return compat_mc_getsockopt(sk, level, optname, optval, optlen, 1300 ipv6_getsockopt); 1301 1302 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 1303 MSG_CMSG_COMPAT); 1304 #ifdef CONFIG_NETFILTER 1305 /* we need to exclude all possible ENOPROTOOPTs except default case */ 1306 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { 1307 int len; 1308 1309 if (get_user(len, optlen)) 1310 return -EFAULT; 1311 1312 lock_sock(sk); 1313 err = compat_nf_getsockopt(sk, PF_INET6, 1314 optname, optval, &len); 1315 release_sock(sk); 1316 if (err >= 0) 1317 err = put_user(len, optlen); 1318 } 1319 #endif 1320 return err; 1321 } 1322 1323 EXPORT_SYMBOL(compat_ipv6_getsockopt); 1324 #endif 1325 1326